Description of problem: Our console has lots of messages like: su(pam_unix)[5854]: session closed for user dag su(pam_unix)[5974]: session opened for user dag by (uid=0) And for security reasons we don't want to have these on the screen. We don't want to disclose what users exist on a system. Since we disabled syslogd/klogd and we still get these messages, they have to come from pam_unix directly ? Is there a way to disable this, I haven't been able to find how though. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Since you have stopped the syslogd daemon and pam_unix uses LOG_CONS flag when logging, the messages which would go to the system log are written on console instead. This is normal behaviour. You can either remove 'session .... pam_unix.so' from the /etc/pam.d/system_auth configuration or just run the syslogd to prevent this behaviour. Note that the session part of the pam_unix module doesn't have any other purpose than logging these messages so removing it is harmless if you don't want to get them.